s0cm0nkey.gitbook.io Open in urlscan Pro
172.64.147.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Submission: On December 14 via api (December 14th 2024, 6:02:37 am UTC) from US — Scanned from IT

Summary HTTP 75 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 75 HTTP transactions. The main IP is 172.64.147.209, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is s0cm0nkey.gitbook.io.
TLS certificate: Issued by WE1 on December 4th 2024. Valid for: 3 months.

This is the only time s0cm0nkey.gitbook.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
68	172.64.147.209 172.64.147.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.146.167 172.64.146.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
75	3

68 172.64.147.209 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

s0cm0nkey.gitbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.146.167 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

app.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.gitbook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	gitbook.io s0cm0nkey.gitbook.io	2 MB
4	fontawesome.com ka-p.fontawesome.com — Cisco Umbrella Rank: 3310	2 KB
3	gitbook.com app.gitbook.com — Cisco Umbrella Rank: 97037 api.gitbook.com — Cisco Umbrella Rank: 86259	6 KB
75	3

	Domain	Requested by
68	s0cm0nkey.gitbook.io	s0cm0nkey.gitbook.io
4	ka-p.fontawesome.com	s0cm0nkey.gitbook.io
2	api.gitbook.com	s0cm0nkey.gitbook.io
1	app.gitbook.com	s0cm0nkey.gitbook.io
75	4

This site contains links to these domains. Also see Links.

Domain
www.gitbook.com
zeltser.com
sansorg.egnyte.com
hunter.jorgetesta.tech
s0cm0nkey.github.io
www.exifdataviewer.com
www.extractmetadata.com
exifinfo.org
exif.regex.info
www.metadata2go.com
github.com
www.kali.org
en.wikipedia.org
malcat.fr
www.phishtool.com
eternal-todo.com
www.unix-ag.uni-kl.de
utopia.hacktic.nl
filesec.io
strontic.github.io
winbindex.m417z.com
www.garykessler.net
filesignatures.net
maxkersten.nl

Subject Issuer	Validity	Valid
gitbook.io WE1	`2024-12-04` - `2025-03-04`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
gitbook.com WE1	`2024-11-07` - `2025-02-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Frame ID: 4DDDFDF63E9FB1425735D4DAA34E5DB0
Requests: 74 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

File/Binary Analysis | s0cm0nkey's Security Reference Guide

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

75
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

2433 kB
Transfer

4347 kB
Size

1
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gitbook.com/?utm_source=content&utm_medium=trademark&utm_campaign=-MQCNQTNhvnXD58Vo8Mf
Title: Powered by GitBook

Search URL Search Domain Scan URL

URL: https://zeltser.com/analyzing-malicious-documents/
Title: https://zeltser.com/analyzing-malicious-documents/

Search URL Search Domain Scan URL

URL: https://sansorg.egnyte.com/dl/IQ3GhaH868/
Title: SANS Malicious File Analysis Cheatsheet

Search URL Search Domain Scan URL

URL: https://hunter.jorgetesta.tech/malware/tips/analisis-estatico
Title: https://hunter.jorgetesta.tech/malware/tips/analisis-estatico

Search URL Search Domain Scan URL

URL: https://s0cm0nkey.github.io/EasyThreatFile.html
Title: https://s0cm0nkey.github.io/EasyThreatFile.html

Search URL Search Domain Scan URL

URL: http://www.exifdataviewer.com/
Title: http://www.exifdataviewer.com/

Search URL Search Domain Scan URL

URL: https://www.extractmetadata.com/
Title: https://www.extractmetadata.com/

Search URL Search Domain Scan URL

URL: https://exifinfo.org/
Title: https://exifinfo.org/

Search URL Search Domain Scan URL

URL: http://exif.regex.info/exif.cgi
Title: http://exif.regex.info/exif.cgi

Search URL Search Domain Scan URL

URL: https://www.metadata2go.com/
Title: https://www.metadata2go.com/

Search URL Search Domain Scan URL

URL: https://github.com/exiftool/exiftool
Title: exiftool

Search URL Search Domain Scan URL

URL: https://github.com/ElevenPaths/FOCA
Title: FOCA

Search URL Search Domain Scan URL

URL: https://github.com/korczis/foremost
Title: Foremost

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/exifprobe/
Title: exifprobe

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/exiv2/
Title: exiv2

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/metacam/
Title: metacam

Search URL Search Domain Scan URL

URL: https://github.com/decalage2/oletools
Title: Python-Ole tools

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Compound_File_Binary_Format
Title: Microsoft OLE2 files

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/binwalk/
Title: binwalk

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/de4dot/
Title: de4dot

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/pev/
Title: pev

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/ropper/
Title: ropper

Search URL Search Domain Scan URL

URL: https://malcat.fr/index.html
Title: https://malcat.fr/index.html

Search URL Search Domain Scan URL

URL: https://malcat.fr/features.html#file-formats
Title: dozens of binary file formats

Search URL Search Domain Scan URL

URL: https://malcat.fr/features.html#cpu-architectures
Title: CPU architectures

Search URL Search Domain Scan URL

URL: https://www.phishtool.com/products/community
Title: https://www.phishtool.com/products/community

Search URL Search Domain Scan URL

URL: https://eternal-todo.com/tools/peepdf-pdf-analysis-tool
Title: Peepdf

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/pdf-parser/
Title: pdf-parser

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/pdfid/
Title: pdfid

Search URL Search Domain Scan URL

URL: https://github.com/decalage2/ViperMonkey
Title: ViperMonkey

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/cabextract/
Title: cabextract

Search URL Search Domain Scan URL

URL: https://github.com/robertdavidgraham/pemcrack
Title: Pem File Cracking

Search URL Search Domain Scan URL

URL: https://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html
Title: PKZip File Cracking

Search URL Search Domain Scan URL

URL: ftp://utopia.hacktic.nl/pub/crypto/cracking/pkzip.ps.gz
Title: this paper (Postscript, 80k)

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/bruteforce-salted-openssl/
Title: bruteforce-salted-openssl

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/ccrypt/
Title: ccrypt

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/fcrackzip/
Title: fcrackzip

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/nasty/
Title: nasty -

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/pdfcrack/
Title: pdfcrack

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/rarcrack/
Title: rarcrack

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/exe2hexbat/
Title: exe2hexbat

Search URL Search Domain Scan URL

URL: https://filesec.io/
Title: https://filesec.io/

Search URL Search Domain Scan URL

URL: https://strontic.github.io/xcyclopedia/
Title: Strontic xCyclopedia

Search URL Search Domain Scan URL

URL: https://winbindex.m417z.com/
Title: Winbindex

Search URL Search Domain Scan URL

URL: https://www.kali.org/tools/forensic-artifacts/
Title: Forensics Artifact Project

Search URL Search Domain Scan URL

URL: https://github.com/ForensicArtifacts/artifacts/tree/main/data
Title: https://github.com/ForensicArtifacts/artifacts/

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/List_of_file_signatures
Title: https://en.wikipedia.org/wiki/List_of_file_signatures

Search URL Search Domain Scan URL

URL: https://www.garykessler.net/library/file_sigs.html
Title: https://www.garykessler.net/library/file_sigs.html

Search URL Search Domain Scan URL

URL: https://filesignatures.net/index.php?page=all
Title: https://filesignatures.net/index.php?page=all

Search URL Search Domain Scan URL

URL: https://maxkersten.nl/binary-analysis-course/
Title: https://maxkersten.nl/binary-analysis-course/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request file-analysis Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 761 KB
59 KB 1249ms
828ms Document
text/html 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3ce1bf916194bae639eb25586754a8964d8f8a1c703129346a30fc10cf3727a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-Mjg1NDk3ZWQtOGVkNS00MjA5LWJmNTgtNzRlNmM0Zjk2NzYy' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
cache-tag: release-10.9.1001,site:site_NVmMK
cf-cache-status: DYNAMIC
cf-placement: remote-SJC
cf-ray: 8f1bfc3adad0dbb7-FRA
content-encoding: gzip
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-Mjg1NDk3ZWQtOGVkNS00MjA5LWJmNTgtNzRlNmM0Zjk2NzYy' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
content-type: text/html; charset=utf-8
date: Sat, 14 Dec 2024 06:02:29 GMT
link: </>; rel=preconnect; crossorigin=""
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkBILr9f7ezwleTCs%2Bqs6qhO4mJfheX0CJQiB709tMPIKpbcx3TcJ59xFGG8h2JAJ9ORHdaKXF8CVxW6H2BOKmOYQK3tksjJ6cHO9zQ%2FOVvW0kYeBi%2F3Nj9aPTTxxyBi5cBFUyHYnGNKLEY4jxIl"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-content-type-options: nosniff
x-edge-runtime: 1
x-gitbook-cache: miss
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
x-gitbook-version: 67a6fb4
x-matched-path: /[[...pathname]]

GET
H2 200 27629c7e89370ccb.css
s0cm0nkey.gitbook.io/_next/static/css/ 83 KB
6 KB 69ms
67ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/27629c7e89370ccb.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d4dd2307427b2c3627961d1c2c8ee40de95df9330be03b0c1bbe1d0c23079bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"0d749bc10adf52a6386164076f049187"
age: 722252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnN17Jj2975msMpq%2BqTsRJiGrXIHI1RKrJENCVlwxZF2arp3KuX68VJI770Lvz98h%2FhiVQ6eUjsJIqNGQLH2YuNT2pJDGknePtJRdPDvpT2wWGKXG3mM1Xa9dX%2FzV4NI%2BR5MDxcRTdspkkyI%2FS34"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fc90dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 99f50cfb598d2941.css
s0cm0nkey.gitbook.io/_next/static/css/ 6 KB
1 KB 134ms
133ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/99f50cfb598d2941.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

292339afa6df803ce7fc3215663b3c22e250c3ee07a8ba221a3f250d66f3c729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1def430ea4a9c808cbdb7d7970875196"
age: 5045796
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XmVHSOro6YWdbHQzhrWcC5kvLiOmJrcWWBsceC51dlT9oivPXhQmNopWKIRbsdH7dy8GTBeAQie9cGNoxnA3Dm0cVWarELmj08vayqCT6NkUllluqXMmejsdwp1PDDCsCerZXuUWT1roaBow0mbB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fc94dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 dabd2a95a8e1d698.css
s0cm0nkey.gitbook.io/_next/static/css/ 1 KB
782 B 95ms
94ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/dabd2a95a8e1d698.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43e067d5aa641bb3f0380e6a187ecf78ab0ae51f1bf9913cf34a03c45211f7b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6ccbf2cd6ab45782d84da86af60dd034"
age: 153447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoqhRQ3HEMvxkZlCUKgsFNlFh4HreoFyzrxgZfEzFFEo4Sg8F5hYGXa%2FupJEhOo08XDyOJacwiTY7H0h7CPkfg6TfTF%2BAB2b07RWPSLVuj6xZEXABmM630%2FPrXfWe6lqF2R59mGf%2BP%2BRe4%2FBis%2Fw"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fc97dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 60f82f39bc9f0564.css
s0cm0nkey.gitbook.io/_next/static/css/ 111 KB
17 KB 125ms
123ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/60f82f39bc9f0564.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc81bb786e510aabd31b3060d5d8771f5c205135105e6c563537426b40b30b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d08b16de969dccc0a7a2597b7dc21a5"
age: 968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlUE0hTN8EzELdpy%2BFSVjJNiL%2BYskj9ZNfRJGX7d3IniP5Go9wy1bT9FxQyyZylxF9ElZFY6XXHkW%2FWjNpnTpn0u0%2FRh06in%2ByTkr8WOuVCj1Mt92MuMdi1mXNnTJkS4xWxYRZs6emZwdAdCfb8D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fc9adbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 c311d6484335995a.css
s0cm0nkey.gitbook.io/_next/static/css/ 159 B
480 B 127ms
126ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/c311d6484335995a.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41f90d66e405853ca80d4d66f4bd8ea768a4a85b600ca29773c1c499b1e17933

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"364b2d277bf4a05a73929b8017a11307"
age: 6828602
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lz6kTc05nkb6lhM0vufPX3iJ24Eptim6hloowRCVkscFZ1X3NI9%2BdNh74HJwnCqm8%2B3dtschTs1NuxXMHK5TxhKket4h1avIaRkBrURM5pti4Z3NAlh1xFg3bJ0YecyTc4KoP%2FmTTcfTKSl17cEm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fc9ddbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 948a4dad6f86b076.css
s0cm0nkey.gitbook.io/_next/static/css/ 2 KB
744 B 116ms
115ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/948a4dad6f86b076.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09ecbc79dd831c288b4a8bd3559941e020d2e88c2295a47dd32972e60dbedcfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"e0b0a0d5bf5d222bc736de7f23e3e5b3"
age: 968
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yn6V5bPptgw8LPW4oBGSbNnug0JkNWaGA4VnvhsX64q%2F6vhE5wpNfNCpTCCJG8nPpv6CLNABeN%2FGzg4azL2pdhPqdRnXH5w0h%2BPh4pHw8r47KTSna%2BbAbtFWXjlaByC1f5aDJAfe750Lu6nnB5DA"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fca0dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 7235fa9d119901d4.css
s0cm0nkey.gitbook.io/_next/static/css/ 28 KB
4 KB 123ms
122ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/7235fa9d119901d4.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c39457c52d0c8e364b6e85f6216840479aafd3840f5e1ec9e3875c114ce095c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"89f645acca45bfd06368ab4f93bdf7e4"
age: 3774543
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BgK%2Bxi4XBJkd4KG%2FVhx82aLEXle1BlbU%2BeejZ7epp%2Ft3jGSfYT23fFuqAOiFQ59RD6jwO91n0J0aE%2F9tYuc7JT0RjGJZUQvPMLB3CEOmEY9X3ghPv6PuDJwhx9FeNymqIcJ%2F8iuOuZmAZk6kqDm"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fca3dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 86d6274f3e6d760c.css
s0cm0nkey.gitbook.io/_next/static/css/ 78 KB
6 KB 94ms
94ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/86d6274f3e6d760c.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c780179fdc6281a24a03367341c70e2bd004f4f352299aea60d978ba6845253

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c600b2ab2b7f888009bb0ec7eb0b025e"
age: 5250585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hX%2FivR5rvndWjAcTvUzSXrb6Wxf14XunDNqncZgWFvGT1qc2PDmVt51fv8wP5J4FHDl6riKlmT02OYEcnuYrcEqxKchuiC6s%2FLyvxlVWHLOD5OnGr%2BNDlTjGgV30eAqjuLtRHwH2p8ofWdQuPvky"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fca4dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 a91fbeec63857000.css
s0cm0nkey.gitbook.io/_next/static/css/ 146 KB
22 KB 115ms
114ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/a91fbeec63857000.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f912415e84ceb5a06689f96705479e1392fdcaae7507419c25b4b22a81806184

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9d7b44db765d0e096b46b9f2c6374673"
age: 2116270
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRltkz%2FEOV71PyUxzD1l9CVInwuDaSsMlUkYwovpsYvfaJ2IQFfciPTGXRmOIShz4MQpXq3zpx8mAhsa1Ddp%2Fsy9VZYhEz1GSjFTC2dDqd3K%2BY0d22BJ6Zqhcfrv2nAjx%2BeoJWUPpgjMgwfiIdhv"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fca8dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 7fa51fc8bd1e8a37.css
s0cm0nkey.gitbook.io/_next/static/css/ 9 KB
3 KB 93ms
92ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/7fa51fc8bd1e8a37.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0aef34f088789c35fa37c50b9fdb308f421d8ab4f460a4f40ab3003426a42bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"083a6644e174d3bff99c00fdf3bf2080"
age: 66931
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yai1rsVUK8Xmdh3%2F8HTjNbl%2FbfllHi5xN1qu8XPO4iSSI5fZjVEbJ89ytXtGKU4RnAB4oG9Ex74vT%2Bnj3sZBdjaWr1u8zjnfeAhZErOD2yw2FcGxqTrz6Pj69dF5%2BMDl8voA4v7AOMqBVPGESdsS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc40fcacdbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 0f891de5863d7182.css
s0cm0nkey.gitbook.io/_next/static/css/ 139 B
488 B 94ms
94ms Stylesheet
text/css 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/css/0f891de5863d7182.css

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65540109ec1e413cd9314ca8e3d8828fc8ea866765c189664e4b95f78307cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1c37a7a1d40c67136443657ad9b33dc0"
age: 254826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15CTyNJ%2FWrGP92fxafy5R6OEyfDUT%2FX%2FA6pLBy%2Fgp%2BEm3C5mWckDaU2%2BiqBQKMthWvHRyESmYFmZxFw8fSoi2rhijSJ7eRB%2FKbmENLwDWWWpuOY7LeNf3Vy2v39cP76ozmkN%2FiilHIROLuQHtykH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc410cb0dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 webpack-90dd3b01beda2e2b.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 5 KB
3 KB 123ms
121ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/webpack-90dd3b01beda2e2b.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a945e22a2368d7015e482276f47f12029c102ddc721e03a3a766b6c34ed1d308

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"714d7ee1bd5bd595a35e2be82d91c30a"
age: 153447
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CmcS5VvaXUs7tKkOqbwgxsJv1ldLl0xTZkXqLV1ZNcaQ4ctvnE2y8zTkl65mPaZDI4ierAvTzQfbMT1kWAQAPruC%2Badgd3Qs3441koRj%2BA6RGBzeP497D2HG9Z2zBTAuuYw6VcNSJSo3L%2FPMDKc7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cd9dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1dd3208c-b11c3db6cd7d86b2.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 169 KB
53 KB 124ms
122ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/1dd3208c-b11c3db6cd7d86b2.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eada73c016775094674c94215fd8248667b11479eeff9c2634e9b903cfb28dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c2687f84dd0cc3a42d6863412a432659"
age: 1990470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6dmMBEtX3ch5oYbjNF%2FgZJU1OHX4T2M1wPzDdINp5w0jL1zSUyKWAxo%2BpqSAI%2B%2BrOQWWXD0kbsizzkN%2B4jc1nAr76rkk5IB8ee%2BSZzfMavHLQpM5gavTghuQBHRKwq1wjI3kaRSLyLQKQqkL4El"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cdfdbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 9978-293e379e3e1468f4.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 173 KB
48 KB 124ms
122ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6dafce9cdb0024fcb61013365544ac7e68dd9650f02a6a2c661b303cc980ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"208fb82e75b482c75f59c5477ee00990"
age: 4381055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zR%2BN5LN%2BdrMe3MtDJNC%2Bo5BIbCzLh%2F7Z8GhukQpWjKZKYJhbtwX8NH%2FgzMcsgp1%2BLc2%2Bd3PV13ma5tqqFQ%2FQ5WTIY%2BxHKTO9ZuuVaaDyCR%2F4Bw%2Bi00cj1yv0SjkiEcA9x9fGWCVvRrUNgYs0yabh"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411ce0dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 main-app-ecd1746a772dd588.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 978 B
926 B 124ms
122ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/main-app-ecd1746a772dd588.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c9de61a3fe6587fb097e6bc2811e49db9ed299521c77606243774f241aa4da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"318dd6d1d9e9b851ca4312cb6bb8fada"
age: 28941
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kIDG6AAKWIi9CXWlM1tJ3yeHpXWmL5q%2FN8R%2BtK0BuOO319VlRh87GuV2LhbazLPOr2TxrZUL1irgxj3aJSOrkeJ2jAZnCQRtb6c7OGyD%2BacBH%2FVYDs9XTEojfLlMo9qbIUp3OTvjk72Rrm73XB8x"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411ce8dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 global-error-19768e91f18f21d9.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/app/ 6 KB
3 KB 128ms
126ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/app/global-error-19768e91f18f21d9.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe489d4c9ac52d1c839a81e3d30ba5a571f3c19e6499194cb6a58ca88db74425

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"573bdd9339f452e843b110f535a8502f"
age: 4381055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdLGJJHfBMG3WAe33Zjfjt86v%2BGZ39cnBuHMlFUjY2vpLf3OzNqhE4hhV%2BT0vE9SdqLmHHmzwofbwS2b%2BExRnaV2G3vGvF8LfQioLvHZlEGzl8GQPfEPEuH6Wju%2BJCXFF%2FHcEuQrR1xiHPy9dkvM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411ceadbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 b5d5b83b-3d9186fb60556c53.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 72 KB
22 KB 125ms
123ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/b5d5b83b-3d9186fb60556c53.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0007dacb56b8759bd82e3b92c7f6bb666a62e03a1311330d4d0b710f62456d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6fd3d2bbbc533feddfdd0c9f4df8794a"
age: 1381887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QggED78mmWXrs6J1Lqg0riB%2FNYV07eV%2FSnScfIZhi4VrgkoNlRI71aAm5EmSCLIsYUKQ9wSMdWDhrmR6EkXicCs7BH6MzH%2BJWLzhjaWsdGPtMnLYteYBzsJC5pLGLQfA5c%2Bvcgw4vkvFpZypEsn6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cebdbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 7609-ae1015bd89577747.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 40 KB
14 KB 125ms
124ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/7609-ae1015bd89577747.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c63c446f7cec55334ce70922d7cea869633b1f7011872ef52dc506477cf5ab93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"cc9d7879158d7806b7de7a7764aaa3ef"
age: 329731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9l2q3cFgn9QpDZsSwWlXjlSJIO%2B6jJOi4%2FBNd%2Ff3sLYCzhSXVMQR2ubGXYDalFaZVdmHSzI%2BlU9KT%2BnA5TqJzgZeVv%2FhHIt%2BSRN%2B0iYLCCZ7AoIhMIKAi32CXwB%2FexdaEtFN6r0MvRjOKhvNhcFY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cefdbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1281-411df876b32e19c2.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 9 KB
4 KB 177ms
176ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/1281-411df876b32e19c2.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e86e1238beedf433b5bbb8589f06907ef13f4344cc544b7e0dcc76735103f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9bab183636b70c644fda4a0a3b7a4799"
age: 1381888
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2fs0yd%2Bu457c3SEMyIqKXUQA4cUmLbt8yGCmIaVTJLwbQNogfcUZO7q11FxXGGWdbBjPMepfCrpSthb0aYJdJugk3HVOOg3AfW7gKuRiwxUDESdSLbTiF%2F0vp1ocfaFWQ4p6bMh0wl5sjSK02wz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cf2dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 9505-a8f112b566ef7f41.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 306 KB
87 KB 124ms
122ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/9505-a8f112b566ef7f41.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d065db3bd8ef83a4536ae49b3b2a45d9cc835d3c6dca0ba10941bd4cb6d58ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"8ce6b1ca16e88dc00273a112d2fb9058"
age: 2066459
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhDUynhI%2F8BHcs7SnJnftLejSaJ0Z3Hy9mVrkiGOA1Qa%2BiVvYd7E1xoyzlvBILueZPnFGxGaciB8bdWfd9VPgCEWjK3PXNIiDXFVLZuizPgARCzTWAVICArpP3MepeLM%2BcDq9iZ36drk4Vn3wvlI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cf3dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 4531-b39a0af8c700f9ea.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 108 KB
36 KB 124ms
123ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/4531-b39a0af8c700f9ea.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78743bdfad4163c8559ee4f06d646adf79b77eadace2acdfed42c438aedeaf8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"fbcba563f1ea1c357dc0bb603e862c5a"
age: 1453389
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WhqIj4U82stmY6WSwjpuWBfPYJyhNpllTRRjHHBslk%2Fucwc%2Buzkuu4FfeErPoIX94k9ToA%2BV4pbA11I%2FcUwbO7uoTlV9ZrHmi708SAQiSCLOX%2Foc04y4D0b0DVnRjLTyKotWaD0HF1ZWF4iMlszM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cf5dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 4051-7ad61cad8d4c8144.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 27 KB
11 KB 109ms
108ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/4051-7ad61cad8d4c8144.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb1fc9baaa140f725c677e015dda453d0804fac46165d43bf40a876af79d4af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c3835a5a956bd6f7877c71a9b9785e00"
age: 153446
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSZv6u1cOiPCUC0bHEdT9BSRWymQwk06qCoDfJ61ODtIL%2ByyeruVGKifrMKHrNoVkHYX6J4H5kPUBfzHdUjSfl%2F02YPIPI%2FteXdArE95uVyz3UEAzt%2BSSaunjMKpZsoHjqB2tkV4U6xqLMufqZ9L"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cf8dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1285-5b6ce0fda9aca790.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 28 KB
10 KB 147ms
146ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/1285-5b6ce0fda9aca790.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acea61ff9784ed58e10a162fcb727e905a1f52c657a4ff08441877ef0858c6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: MISS
etag: W/"255ed003b85009b3bd3e95229887e8b4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FQ125o0yJdB3qhF2eJJQmQ%2F218EI6%2BaAfWLBBbuqkUG%2FO0LuJKuEJCwDOuyjJL5rYe5Xphjn8HUnUkpvzka2qzM1twz3OsseYuybd%2F%2B64rU1W53ykbIlhdnfFZAVZpN5PgEYR2uLMIa4FkXs7II"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cfcdbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 3902-fc7724e041e6e8f6.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 4 KB
2 KB 127ms
126ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/3902-fc7724e041e6e8f6.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0e4399acd33dffdb93467ca96252e6a09fcb30cfa1cb5ec0533a6db47a3ae24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c4fb37702be337efe28dee4521e1ed7c"
age: 153446
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDVFx6ykDeXNwlKz2DS3g1BNufEQ6N1wAXEk8ixxXMK0dfWrHFxxa%2FF0H1hVCUGIMN4GBhJaZQYxGVwylxJJGmpYmhKnS2RNbzNCHG%2FZBewYQqRjweBziJFvh8q4KpB%2B2jLHp%2FFLRp7KWbg8HtdR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411cfedbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 layout-eca6593138970b85.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/(content)/ 31 KB
10 KB 162ms
160ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/(content)/layout-eca6593138970b85.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e57cba46ddf363a63dedf8dd0df125e2baaa48c1dae06ba4d1b69d809884b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: MISS
etag: W/"4f7ba4aff43c88328eb89db808f53fd8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBCAr53R4OY5svInf9iYE2O8tW%2BdI6OJ%2BOHopkouTZnmc3kQSDkQ0IBFChvnNGapuHW16I3nrJK9w9cl1zFpW0B9yTKJkn2tZNC0K7NfQPSm1MZ59fDNS2Qpz9XiMvuvfrebpzDqlZrObQZqbPDu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d01dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 8359-b1f68d2f835db325.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 20 KB
7 KB 162ms
161ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/8359-b1f68d2f835db325.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6440cd822c6ca76c00c3b189cf2e740a2543d89361e9f907f2e33ce92ac127bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: MISS
etag: W/"f1733eb6d77881f1533b22a05dd8bf1a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHXwQUbREZhtfDSrO%2FemnW0IO7VTIKYIgm5JjiNfMPoZanIET8NrxT%2BgoZaEnFO8G93g9YoBDkFpwFGYWfX8oeu8XL3kZNpaBG8pB7J1vEiUaeExUdX5uruMfkkBb35HfCxF%2BTzdGx3bg6sAV%2BAU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d03dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 layout-bf11739262f6b9e6.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/ 193 B
548 B 130ms
129ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/layout-bf11739262f6b9e6.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6352fbe7239df40a4fcf5579d0c48b4391d7ad3a6e076c8b34fad05301b1a165

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"09f0d58e2146e3e0705d248c7088bef1"
age: 164851
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJ71rJJ9fSrcALZWoewyF1MJGqIHmsMblMUgXiTfpd6VADAV%2FXayUGoFYZpOtH7V%2FwdBGHaMCzWXH%2BIAKLLVGAKxEgg54v2bEEMi2sU8gidcDuhrmezalQKao2JF%2FPTXgLsjPIb3ubO2eH9QAJ4%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d06dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 error-5ee8f5df3d3cdc71.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/ 4 KB
2 KB 124ms
123ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/error-5ee8f5df3d3cdc71.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fea4c39ffe063522a77525b7a3b0e427a72621d63cd4acd8e35a29af3f6b1c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"45f038de25ab5b5c006af767f2c40571"
age: 34241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wL12xaCZyfihMf%2BnS1CfMACzDnP%2BXeOq0sJHABSnySMmWOyJqU1%2BHYISC4Q2dBjqz5NNCiNECGfneF27CnlzSobtQIipBpBLKh5YrK1wmIJ3ABTShj15RIXp1Va5I1uuPMECmXH0HIYnFQFh4uEq"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d09dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6150-57a79db9099e4be8.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 20 KB
8 KB 127ms
126ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/6150-57a79db9099e4be8.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dceef739a3784e7d962af1e9fa3eab86ba71473ef68044f395f456ea6b24587c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1417c67d3052c449db9274076dd5ed11"
age: 1990463
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BlbS9TjZ%2BueZvfEa9g1OS7UWl56sRddXd1M4YgkgRb5hqWrH%2Fpo%2FxkxQyvSNu%2BDJuk32%2Be13eXCsjJ1vf%2BD6opvXQEhGZVaNgk2cqLhFGpze4NiaWIzeyeIavpNa%2FdsKrBwavtH3sXg6OC5Y8VX"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d0ddbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 8510-2f41b25832a6d317.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 39 KB
14 KB 126ms
125ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/8510-2f41b25832a6d317.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97c7c5fb089f6dd442b91e0a25ab029dfd7e993f1021f3ec54e79e95a0326f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"e5fc05f199425e4357e9902907f3c87d"
age: 4381055
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DrbIKZ7Yj4wdgiCjc7wgpZuy4j4u9kwJm8WTwq6xoJoS%2BWuSCPb2s%2FWg7REvpH5EuQzkJIOO8qP3GBLPwg9BFaym7cewx%2FXBDhSOSi3LQdbptHUrHDIs0OB%2F7%2F3jvYAuyY%2FhpsQmgRsel1HLvt7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d11dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 8325-013c5e6f13873386.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 11 KB
5 KB 125ms
124ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/8325-013c5e6f13873386.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cec98a9ce1a1a92ea79971ad382222081000e7bd48343275d616dc2be5d7915

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"bc6765106ef2649c258aa971f49110f8"
age: 66931
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDM68LyNZy2WtHFo5EPvc3VubPxRUsDIYoMcissN74jrLVOEVf0J67OHq6gHwrm6ZTPJU07F%2FC1UweUEedpelFn%2BhFnHXIEj07jEvY1m9koYF1TwCCq5ypeTGsqNsvbt3dUBhuRVwAS4QOalEiJd"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d14dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 9028-20d35c2154299d00.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/ 14 KB
6 KB 134ms
133ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/9028-20d35c2154299d00.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5689941554eb06222c013249ffb511eef978820679cfd1e6759942c7aa06942

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"fd54f9a2ec3a4347160b1803b9d4741e"
age: 66931
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JYXZjiNVZFiHx8V386nDgdliAfBY%2BiQZ5Yhtta053CSBfaE%2BTWrFU5%2BlcYzLqJ1DDTBXPnhqcNM2h%2FDm6vrNJMJKlr5L4A5MvWzsOTICY5eDagtrDdOYmxNNutdhbR5Ng5RW3vsygRFbHK%2F4Y0XY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d18dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 page-1e1492d7790ff44b.js Show response
s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/ 12 KB
4 KB 126ms
125ms Script
application/javascript 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/page-1e1492d7790ff44b.js

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edfea28bd5e2960db32eea6015befb79cab4dd22d4df95474ae6e8f4430df136

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5612c81594f0216177d2eeadc94f9d38"
age: 561975
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Oo3EjW0PBSXw6eFRU0sJ1IXr9d4bzuqjqXvbcBZC3SE%2Fh96%2Bq7ftWUyAm%2BdeSqfeza3OssqTxj4H1CFdoicLlImhPnQBm9uESPdJD2%2BSdUj6vEp4UAB7Vj2aigvUEFkmefyw3H6UI9BmeErPE1a"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:29 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc411d19dbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6ebb97b5c9fa4e03-s.woff2
s0cm0nkey.gitbook.io/_next/static/media/ 13 KB
13 KB 52ms
50ms Font
font/woff2 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/media/6ebb97b5c9fa4e03-s.woff2

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/css/27629c7e89370ccb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/_next/static/css/27629c7e89370ccb.css

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "ee7b9b9c47166e05c79c8cbafadecf85"
age: 326742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V17Tmyb5A4GuiHHIjayycVbL5HUclp0n3r5Kk6tQFlzjtb6YfaBWucPY98AuiV1yA7O%2BoxQ5atfKZQQIzMYKe8kTaQoIe9qIyfrGeQXdHptgRnoMMH1asQ8RUWs2ZH%2FUHf5h%2FRmo1xTUUMDTeon2"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: font/woff2
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc420e7ddbb7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13408
server: cloudflare

GET
H2 200 magnifying-glass.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 483 B
415 B 493ms
64ms Image
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/magnifying-glass.svg?v=2&token=a463935e93
Requested by: Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf2a6a5f8c28ed6ebddf6fa704ad4f21d95c55a140c124b94dd4bf28b736a654

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1f6-1e3"
age: 5914559
cf-ray: 8f1bfc44bc003737-FRA
access-control-allow-origin: *
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:58 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 chevron-right.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 394 B
509 B 492ms
63ms Image
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/chevron-right.svg?v=2&token=a463935e93
Requested by: Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e745a051fade69ed0d6a92fe8f0437d646bafe59a91f3c6654b0c4295c1ed91f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1e1-18a"
age: 6953378
cf-ray: 8f1bfc44bc023737-FRA
access-control-allow-origin: *
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:37 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 120a5a1920781bd0-s.woff2
s0cm0nkey.gitbook.io/_next/static/media/ 13 KB
13 KB 91ms
90ms Font
font/woff2 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/media/120a5a1920781bd0-s.woff2

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/css/27629c7e89370ccb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/_next/static/css/27629c7e89370ccb.css

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "afa13337fcac5295198bac158ca5d0bc"
age: 6302915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1nWEywhrM8gahwj8%2BIuE6ggDXpnEgpgi6bsYqZuFijg2vFmp3GtRV16BOckdD0vWwkCiC821HGMo%2Bf9VQwA71ujx5xgJVY%2FAtaHkdT22MLFbZy65k5sYZB02QE%2Bo3Xd8sQrEN8lmTmq%2Bn3Kjo4p"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: font/woff2
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc420e7edbb7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13388
server: cloudflare

GET
H2 200 78f8543d3770f084-s.woff2
s0cm0nkey.gitbook.io/_next/static/media/ 2 MB
2 MB 57ms
56ms Font
font/woff2 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/media/78f8543d3770f084-s.woff2

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/css/dabd2a95a8e1d698.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74298a1e08f9981efd8936514550602a6fc4ab401302c8a09dee44c8ed5af1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/_next/static/css/dabd2a95a8e1d698.css

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "48c21e8cc8b976ed8c5bf227ef94dfd5"
age: 153448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDpKFvsFoUEoRN5uKvnX1tuDLMiPVq%2FJ9w%2BJCbxxiagv9vKgjetTFQfhbs0IXX%2BV6KInoSxePSQ%2F47aQBg%2BZ7SVO%2FLciD5299Qnpkmb5sPfB%2BaRrpEKp4LnsKrNHEmAFCa%2Fx0DEYnSOrJ9OEMsoM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: font/woff2
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc420e7fdbb7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1885100
server: cloudflare

GET
H2 200 gitbook.svg
s0cm0nkey.gitbook.io/~gitbook/static/icons/svgs/custom-icons/ 1 KB
1 KB 123ms
123ms Image
image/svg+xml 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0cm0nkey.gitbook.io/~gitbook/static/icons/svgs/custom-icons/gitbook.svg?v=2

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b5edbdd84e821da7830e59580a2581cfd2e2bfb01a197c3e9f919b7859fc0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: MISS
etag: W/"6a0e8c1b87703edb50c128db3b80b0c7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DV9xnvuR886H2ZekTVTwJnQhZ2MeaDeOlGfvP3NPpedEuoW0sHGiI2IEJmvwBAft7L%2FdVEU3ufgNef%2BiFF52KtaDl%2Fv%2FRQ%2BKwWmsvzYPGI85WrqSWquKE5G5%2B1Gyrb9G2x%2B6o3XsctSuil0f4YT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc423ecddbb7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 hashtag.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 814 B
494 B 340ms
70ms Image
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/hashtag.svg?v=2&token=a463935e93
Requested by: Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b053c1a8d1743d15e13597718631b7f7d8eb96c7d283d071fbdb8b37e5e05fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1f1-32e"
age: 6953378
cf-ray: 8f1bfc44bc033737-FRA
access-control-allow-origin: *
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:53 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 chevron-left.svg
ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/ 393 B
340 B 286ms
70ms Image
image/svg+xml 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ka-p.fontawesome.com/releases/v6.6.0/svgs/regular/chevron-left.svg?v=2&token=a463935e93
Requested by: Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab2a0562e22f0c92b3178ff3d9ca99c14646df6947a180f3e655305c7249f2c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6695a1e1-189"
age: 1374018
cf-ray: 8f1bfc44bc043737-FRA
access-control-allow-origin: *
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Jul 2024 22:25:37 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
server: cloudflare

GET
H2 200 3478b6abef19b3b3.woff2
s0cm0nkey.gitbook.io/_next/static/media/ 10 KB
10 KB 58ms
58ms Font
font/woff2 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/_next/static/media/3478b6abef19b3b3.woff2

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/css/27629c7e89370ccb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc2a00d28ef824b977ed1c523138d821eaa4576447153e02de70aacb071147

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://s0cm0nkey.gitbook.io
Referer: https://s0cm0nkey.gitbook.io/_next/static/css/27629c7e89370ccb.css

Response headers

x-gitbook-cache: hit
cf-cache-status: HIT
etag: "4f52c61f8f0cad0e31eb3b44c3bf3d4e"
age: 407375
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rthfWign%2Fh5hS3QYeNmiOtUGpzg5YKVurXNwch3MLvmSq3UUa5cXNu7nerXcmcbjD%2F98xBiY5oUsuw9JtsdpnvCSDb9AP92HKpUsOqVv9xolfH74k3paeuxlgkXnYVfExko3sGBSNlTpRX949hQL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
content-type: font/woff2
vary: Accept-Encoding
cache-control: public,max-age=31536000,immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8f1bfc436868dbb7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10088
server: cloudflare

GET
H2 200 s0cm0nkeys-security-reference-guide Show response
s0cm0nkey.gitbook.io/ 5 KB
3 KB 228ms
227ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab97cf7b088afd6c94039c215384b1ce8221208b55958c1939077817e644ccef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-MjFhYTRhMWQtY2YwYi00MjJjLTliYzctZTc0YzUzMzA4OWQy' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKTHGMqzHfD7GuFrtF9yStgWFd03vqWyKGVZdopnlSE1nv5OcCNeuTWlnUI%2Fm%2FvFDCDxz8G0jY9qNv%2Bsbi3Ton1hCuGACIPZ1j5c3BPDy%2B8luaSzIjyTho%2FulsucGSMkcJS95aQlkx1lt6HnQ%2BvS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-MjFhYTRhMWQtY2YwYi00MjJjLTliYzctZTc0YzUzMzA4OWQy' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc458ba8dbb7-FRA
server: cloudflare

GET
H2 200 __session Show response
app.gitbook.com/ 52 B
6 KB 694ms
233ms Fetch
application/json 172.64.146.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.gitbook.com/__session?proposed=d08d6b9e-27e5-4e74-ad43-22fb6ea970b0R

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/page-1e1492d7790ff44b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.167 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

174cf4bcda0e8b87144f9b486df0a046ddd9f132169944531b547477cefe540f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' app.gitbook.com api.gitbook.com integrations.gitbook.com files.gitbook.com .gitbook.com; connect-src 'self' blob: app.gitbook.com api.gitbook.com .intercom.io wss://.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io .sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://.algolia.net https://.algolianet.com .iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net .amplitude.com cloudflareinsights.com .googleapis.com .cloudfunctions.net .google.com .firebaseio.com wss://.firebaseio.com .hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com .castle.io .stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://.pusher.com .sumologic.com track-eu.customer.io track.customer.io customerioforms.com eu.customerioforms.com .api.gist.build .cloud.gist.build api.getripe.com us.api.getripe.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' integrations.gitbook.com app.gitbook.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://.sentry.io https://sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://.algolia.net https://.algolianet.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.amplitude.com https://static.cloudflareinsights.com 'unsafe-inline' .firebaseio.com .gstatic.com .google.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://assets.customer.io https://code.gist.build https://customerioforms.com https://eu.customerioforms.com https://.adroll.com http://.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net storage.getripe.com us.storage.getripe.com .opentok.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net code.gist.build; img-src data: * blob: static.intercomassets.com .intercomcdn.com .intercom-mail.com .intercom.io .intercomusercontent.com .intercom-attachments-1.com .intercom-attachments-2.com .intercom-attachments-3.com .intercom-attachments-5.com .intercom-attachments-6.com .intercom-attachments-7.com .intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com .hubspot.com cdn2.hubspot.net forms.hsforms.com .stripe.com https://.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/ track-eu.customer.io track.customer.io https://.adroll.com http://.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net images.getripe.com storage.googleapis.com us.images.getripe.com us.storage.googleapis.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net assets.getripe.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com * .hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com .stripe.com .stripe.network https://beacon-v2.helpscout.net renderer.gist.build code.gist.build; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src .intercomcdn.com https://beacon-v2.helpscout.net *.mux.com blob:; frame-ancestors app.gitbook.com; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.1001;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"34-bfpH7QZdU88Wd0zAdAUEWDcXxA4"
x-content-type-options: nosniff
expires: Sat, 14 Dec 2024 06:02:31 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS
x-release: gitbook-x-prod-10.9.1001-74068c8b151c5e0a5c84d1adc89afe87c1139c69-12314444670
date: Sat, 14 Dec 2024 06:02:31 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-cloud-trace-context: eca2d1adb49f71ad89a6aed34e73885e
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self' app.gitbook.com api.gitbook.com integrations.gitbook.com files.gitbook.com *.gitbook.com; connect-src 'self' blob: * app.gitbook.com api.gitbook.com *.intercom.io wss://*.intercom.io uploads.intercomcdn.com uploads.intercomusercontent.com sentry.io *.sentry.io www.google-analytics.com stats.g.doubleclick.net ampcid.google.com analytics.google.com about: www.googletagmanager.com translate.googleapis.com translate.google.com www.gstatic.com https://*.algolia.net https://*.algolianet.com *.iframe.ly cdnjs.cloudflare.com cdn.jsdelivr.net *.amplitude.com cloudflareinsights.com *.googleapis.com *.cloudfunctions.net *.google.com *.firebaseio.com wss://*.firebaseio.com *.hubspot.com api.hubapi.com js.usemessages.com js.hsleadflows.net js.hs-banner.com js.hubspotfeedback.com js.hsadspixel.net js.hs-analytics.net js.hs-scripts.com forms.hsforms.com segment-api.gitbook.com *.castle.io *.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com track-eu.customer.io track.customer.io customerioforms.com eu.customerioforms.com *.api.gist.build *.cloud.gist.build api.getripe.com us.api.getripe.com; manifest-src 'self'; script-src 'self' 'unsafe-eval' integrations.gitbook.com app.gitbook.com https://js.intercomcdn.com https://widget.intercom.io https://app.intercom.io https://browser.sentry-cdn.com https://js.sentry-cdn.com https://*.sentry.io https://sentry.io https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://www.googletagmanager.com https://googletagmanager.com https://translate.googleapis.com https://translate.google.com https://*.algolia.net https://*.algolianet.com https://cdn.iframe.ly https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://unpkg.com https://cdn.amplitude.com https://static.cloudflareinsights.com 'unsafe-inline' *.firebaseio.com *.gstatic.com *.google.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hubspotfeedback.com https://js.usemessages.com https://js.hs-analytics.net https://js.hscollectedforms.net https://js.hsforms.net https://js-na1.hs-scripts.com https://forms.hsforms.com segment-cdn.gitbook.com https://js.stripe.com https://checkout.stripe.com https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://assets.customer.io https://code.gist.build https://customerioforms.com https://eu.customerioforms.com https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net storage.getripe.com us.storage.getripe.com *.opentok.com; style-src 'self' 'unsafe-inline' app.gitbook.com translate.googleapis.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com checkout.stripe.com https://fonts.googleapis.com https://beacon-v2.helpscout.net code.gist.build; img-src data: * blob: static.intercomassets.com *.intercomcdn.com *.intercom-mail.com *.intercom.io *.intercomusercontent.com *.intercom-attachments-1.com *.intercom-attachments-2.com *.intercom-attachments-3.com *.intercom-attachments-5.com *.intercom-attachments-6.com *.intercom-attachments-7.com *.intercom-attachments-9.com www.google-analytics.com ssl.google-analytics.com www.google.com analytics.google.com www.googletagmanager.com translate.google.com translate.googleapis.com www.gstatic.com cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com *.hubspot.com cdn2.hubspot.net forms.hsforms.com *.stripe.com https://*.gravatar.com https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://chatapi-prod.s3.amazonaws.com/ track-eu.customer.io track.customer.io https://*.adroll.com http://*.adroll.com https://us-u.openx.net http://us-u.openx.net https://idsync.rlcdn.com http://idsync.rlcdn.com https://ib.adnxs.com http://ib.adnxs.com https://x.bidswitch.net http://x.bidswitch.net https://ads.yahoo.com http://ads.yahoo.com https://eb2.3lift.com http://eb2.3lift.com https://trc.taboola.com http://trc.taboola.com https://simage2.pubmatic.com http://simage2.pubmatic.com https://sync.outbrain.com http://sync.outbrain.com https://pixel.rubiconproject.com http://pixel.rubiconproject.com https://dsum-sec.casalemedia.com http://dsum-sec.casalemedia.com https://pixel.advertising.com http://pixel.advertising.com d.adroll.com s.adroll.com d.adroll.mgr.consensu.org dsum-sec.casalemedia.com eb2.3lift.com googleads.g.doubleclick.net p.adsymptotic.com px.ads.linkedin.com px4.ads.linkedin.com pixel.advertising.com pixel.rubiconproject.com image2.pubmatic.com simage2.pubmatic.com snap.licdn.com sync.outbrain.com sync.taboola.com trc.taboola.com ads.yahoo.com ups.analytics.yahoo.com www.facebook.com connect.facebook.net idsync.rlcdn.com ib.adnxs.com x.bidswitch.net images.getripe.com storage.googleapis.com us.images.getripe.com us.storage.googleapis.com; font-src app.gitbook.com * js.intercomcdn.com fonts.intercomcdn.com data: cdnjs.cloudflare.com cdn.jsdelivr.net unpkg.com https://fonts.gstatic.com https://beacon-v2.helpscout.net assets.getripe.com; child-src 'self' blob: www.intercom-reporting.com intercom-sheets.com www.youtube.com player.vimeo.com fast.wistia.net www.googletagmanager.com app.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com; worker-src 'self' blob:; frame-src www.intercom-reporting.com www.googletagmanager.com * *.hubspot.com forms.hsforms.com js.hsadspixel.net js.hscollectedforms.net js.usemessages.com *.stripe.com *.stripe.network https://beacon-v2.helpscout.net renderer.gist.build code.gist.build; form-action api-iam.intercom.io intercom.help forms.hsforms.com forms.hubspot.com; media-src *.intercomcdn.com https://beacon-v2.helpscout.net *.mux.com blob:; frame-ancestors app.gitbook.com; base-uri https://docs.helpscout.net; object-src https://beacon-v2.helpscout.net; report-uri https://o1000929.ingest.sentry.io/api/5960429/security/?sentry_key=a9072c7b7a264a6e9c617a4fa5fa8ed9&sentry_environment=gitbook-x-prod&sentry_release=10.9.1001;
cache-control: private
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
via: no cache
cf-ray: 8f1bfc488edf9f25-FRA
x-magic-hash: aee62fbf2983e07b20c269b5d6ed28d34d1d56b81e91993dcc0ad0ec021e908f
access-control-allow-origin: https://s0cm0nkey.gitbook.io
content-length: 72
function-execution-id: rrwd90jx1p3r
x-powered-by: GitBook
server: cloudflare

GET
H2 200 cyber-intelligence Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 261ms
261ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/cyber-intelligence?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30ba7c1be12c8004654c98136fd3b64d04881dc16205a448de905c8d232c46e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-YjBhZWFlZTAtNTgyYS00MzVhLWE0OWUtZjkwNDFjNzdkNGZj' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slu7tp3KQZQKAUhNBu2BLfoxOHWSG9HekjVNHHlWeyGRngLTf2wOk6lRGXlV8L524jUAo3ye9ZAV2O%2FdI%2BtpEr9Ls7vkuhPZKL5GHWoEOnFThtO5q19DrYyaStH6mwxKr3TB%2FzF5WZ%2BaIXfkXNhL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-YjBhZWFlZTAtNTgyYS00MzVhLWE0OWUtZjkwNDFjNzdkNGZj' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc45abf1dbb7-FRA
server: cloudflare

GET
H2 200 red-offensive Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 273ms
272ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/red-offensive?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaae1112232b969338cb2c737d737012a133adff8926bf9b007ed8dd3a026e23

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-MjEzMDRkZjgtM2Y2OS00NTEzLTllZTctZjgzMDgxMzhlZDBk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9TBu%2BtFlgJdeh12uxhh8FuMeSEy3ugcWwdoBVo4S5Sakd4NKgSi%2Bh8ao9SzCuhlJDmtw4G82ZJUyjm2ROYzXoU%2Fn%2F2TE6UbA%2FvCM%2B7hpItKpN1S1SmRiL4cUdxijo7rjhlsJ2bDxMYDdjRvpAyRT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-MjEzMDRkZjgtM2Y2OS00NTEzLTllZTctZjgzMDgxMzhlZDBk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc45abf5dbb7-FRA
server: cloudflare

GET
H2 200 blue-defense Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
2 KB 270ms
269ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/blue-defense?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08b17767f7f83b34b4ab0656fdb1515a723ee5aaff5b089b32baea803d06036b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-YjY4ZTcwYjQtYzIwYS00YjdiLWI5YzgtODI0ZDQ3NzljMjM0' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRsv1yDGRdXzoUame67Kbn5F%2BvZm3NSXeXuO2F36gAZHsEy8SzVwseeMQXvyHCUshPh9Ig9YnzEbyBQkVwSoUBIWKUG6kHbRFeCxna9GoxDrVxaCrB3gHU2yDPWuz9ZAzr8DPCKKdsSiwTNu2pRx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-YjY4ZTcwYjQtYzIwYS00YjdiLWI5YzgtODI0ZDQ3NzljMjM0' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc45abf6dbb7-FRA
server: cloudflare

GET
H2 200 dfir-digital-forensics-and-incident-response Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 285ms
284ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

103ed4fecb0372b4bb2a982bc73d133d4cf95ce5a0ce1d667d9072ee9301e820

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-NmNkNjE1ODItZWMwYS00YWNkLThjMzItYzA1MDRiM2NmZTk1' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skX0%2BIQ1UdJnlre6uqpQnotPSZEXcOyAU%2Frb5bx1uKITqFxRixME7V0CQTCVP21i7VSx4RpWN8ERG8qASYgihDzrWfU3%2FRK38pvUCLjUL7TSV15SsEOYoNvmNaszaZmrMM8eGf975dZ%2BPdvTJ1r1"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-NmNkNjE1ODItZWMwYS00YWNkLThjMzItYzA1MDRiM2NmZTk1' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc45abf7dbb7-FRA
server: cloudflare

GET
H2 200 icon
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/~gitbook/ 1 KB
2 KB 576ms
576ms Other
image/png 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/~gitbook/icon?size=small&theme=light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27cba87be9356b2e2215f9dfa28e68be49b892595bb0730ecf0f6d62c1b6ee17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-YzE1MjY4ODMtZDY1Mi00ZDI4LTg1NzYtZDYwYjY1MDQ3MTI3' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

x-gitbook-cache: miss
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sFFssMT8t1giaFuv3TjtONFHKNjDmC7PcR4UT6Kp61isO7WX2BXRbn9Y0ErFxQDfK%2FgHILME5WYQcIDqys%2B%2BxsXe%2FGGZO0KjDfEWSwSJL%2FVLmsPTJ23VNVQb9h8nZC%2F1wtuottcR%2FNX0kYXE5CDE"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /~gitbook/icon
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
content-type: image/png
vary: Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-YzE1MjY4ODMtZDY1Mi00ZDI4LTg1NzYtZDYwYjY1MDQ3MTI3' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc45abfddbb7-FRA
server: cloudflare

GET
H2 200 interact-with-remote-machine Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
2 KB 63ms
62ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/interact-with-remote-machine?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6272afe239e7f7612b6372f536bba373f4c6094aca9f0774cc68dc57527f6be5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZTQyOWNjNGUtNjY5Ny00Njc3LWFlNjktNzUwODkzY2Q1Yjlk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 66926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dALq9exXN5vtyq5vHvllUMthcmd3hCOxSyw3%2B794B2HbZ3GblRAdaFTJBrAJ%2Bf8jHGUWv02dVQPX0ErRxEySsY3KNMYkA8GHYHvonP7QqscQgC7riNgHZNSsvB3La%2BAPhYchgoQ2C90EeoEuLzvT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 13 Dec 2024 11:27:04 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZTQyOWNjNGUtNjY5Ny00Njc3LWFlNjktNzUwODkzY2Q1Yjlk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 6b5d7e6
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc471e04dbb7-FRA
server: cloudflare

GET
H2 200 windows-system-enumeration Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 521ms
521ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/windows-system-enumeration?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d237488c90a460555330e71d279f9d08894c0ae303c7bea1fca2c0efe886ec10

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZjgxMWQ0MmItNjQ5OC00ZmQxLWE0ZDctZTQzOWI0NjFiN2Zh' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kG5%2BjII%2F%2FA8RmvY2xV7d6Vp0Vv3zOsGCxjDiLRd619jCN73eKurcoYmcUAblPC%2FfkYm1KkA3jMIMsXyEhXFcNWI%2FVC8G6yVpjsDzL994QpUtFyhTtIvrdLFfwAKFr%2Fs8KyE1oygPqX0cphSQhpJR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZjgxMWQ0MmItNjQ5OC00ZmQxLWE0ZDctZTQzOWI0NjFiN2Zh' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc474e41dbb7-FRA
server: cloudflare

GET
H2 200 windows-process-information Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 289ms
289ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/windows-process-information?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18083929dee7dd5fab823383d1812465747d78deafc6b66fc757b170e8b67e8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-NzAyNzFjYWYtMDQ5Ni00Yjc0LWExNzUtMjkwNTliNjc4ZDJl' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUXUScnVPvrqJZKMvbNWwLZmoxvqmJDKPenrxuIHhRHf628StIFjx99TQZ0KpX1mLG2s1gWT0WsWzTFe3aRo83WYvDZcRMU3ebufBgdIYbCSFU87sfjzJdUB4v2ZT3pvVN%2BRrZNUICB76J7%2BZsVr"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-NzAyNzFjYWYtMDQ5Ni00Yjc0LWExNzUtMjkwNTliNjc4ZDJl' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc476e62dbb7-FRA
server: cloudflare

GET
H2 200 windows-dfir-checks Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 71ms
70ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/windows-dfir-checks?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6e25a83b646af5609576ed31f90470c277383fc7f0a03c892b82aa3f5f73a17

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZmNiMTQ1NjYtMWJmMi00ZjIxLThlNWUtYjQyM2E2MjRjMDI3' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 66927
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yUQDx0sJQpAm%2F2uV13QJkavmX15gxFnaa6S0%2FfCmihqen13okqX49%2FH7j%2B2fY8U8eM1VIfUSDYXW0fPBrHcgXdLUVcIndBSjK2Kw9oOBllbfRVcz0FyXnb4ThgOtyp7AMmoIIW2bofJkA83L7MTk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 13 Dec 2024 11:27:03 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZmNiMTQ1NjYtMWJmMi00ZjIxLThlNWUtYjQyM2E2MjRjMDI3' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 6b5d7e6
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc477e7bdbb7-FRA
server: cloudflare

GET
H2 200 windows-dfir-check-by-mitre-tactic Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 291ms
291ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/windows-dfir-check-by-mitre-tactic?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9eff477d572bb75c3ca5e1038ae0292e0e4d6fc5f83f6e60aaf95d11dd0d733

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-NzBkMGY2NGQtOGQ5YS00M2JhLWIyMTItMDZkOWFkNDRlNDhj' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWYFKwGrRv5CeTlbhpl2dI0GDAgxIKJwrcAjyGwE8t2w1y8WGVGzOuYRq9LR%2BvuDYxKm3b3BlHsocVjKfxZz0%2FQ7e%2Fu6wc2GPFyMYsomHRT4qLnU%2B0ZcmXkYWZcaumgukVE3A54ao3Rmr5hMeheH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-NzBkMGY2NGQtOGQ5YS00M2JhLWIyMTItMDZkOWFkNDRlNDhj' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc478e8ddbb7-FRA
server: cloudflare

GET
H2 200 windows-event-logs Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 63ms
63ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/windows-event-logs?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea9072df347a83b3ce9733788bf0af193a8d5d5437562541f2ac3664d14f3cd5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-YWY2NGExZDktODNmMy00NzA1LTk5M2EtYWUwM2U5MzAzNzky' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 66926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRluWbzNuSq6pZSh2mVKJjVfcTyfuy97xL1AURaFhGU5jyQTn6MWKcdk5PnmYzLZb32M15%2B7FI81ltBUqTlEY6E3%2BwimGJQxYFZ6lgR7lp3c8ebgbEss%2B6iQ9gdw5kPMgyMYdtxHwKM8MiNK%2Fi9S"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:30 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 13 Dec 2024 11:27:04 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-YWY2NGExZDktODNmMy00NzA1LTk5M2EtYWUwM2U5MzAzNzky' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 6b5d7e6
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc478e97dbb7-FRA
server: cloudflare

GET
H2 200 windows-remediation-commands Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 267ms
267ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/windows-remediation-commands?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d28f1e534a33cd1776a3d13ad2bfa066d358e741af06b37a6a4c716f5fbb29fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-MjBiNTQ3MWUtYzg2ZC00N2NhLTk0YmMtMTM1YWRkM2FjM2Qy' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q1zXw%2F5%2FBafEtyLz0dQbR8RW6ANJ1CoZXGoxqpzB68vMKW2ew0ek9MI6gC29r99Hc6LyyXbihlQZPxKFmJR42rT22WaAZWYJvOiLdp%2F7TziVKvDPCeG0depkNqEK198dDtk%2B68RE%2BrmPdLzE%2BpMr"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-MjBiNTQ3MWUtYzg2ZC00N2NhLTk0YmMtMTM1YWRkM2FjM2Qy' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc47ef3fdbb7-FRA
server: cloudflare

GET
H2 200 ir-event-log-cheatsheet Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 283ms
283ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ir-event-log-cheatsheet?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d5e1e20d1e6b35ee42770e1fb48f79db1ac63833226c5903462e898f292cafd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-YWFlZTYxMTQtMDg5OC00MDFhLThmZmItMDA5NTk1YzM3MzVm' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NkeFj8XNrhzKqKN8nf8gM3%2B4wsegLLthaSq65WbigiIIyti4pCAe7iZ0OMAH%2FMn6QLXUQjiDsaOmZQ%2BDsJHy9A8wyX3i%2Bz2YEptKxaZfL4MZlZ8%2FjS7A%2BksabAXfyOEAGYrhGY63fb39vABq5eLR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-YWFlZTYxMTQtMDg5OC00MDFhLThmZmItMDA5NTk1YzM3MzVm' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc47ff52dbb7-FRA
server: cloudflare

GET
H2 200 linux-dfir-commands Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 276ms
276ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/linux-dfir-commands?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696d8bfc52a1d5e52ced70ab393aad280e1edbabf6a2aaf0f20a78fb39606450

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZjhiZDZlMDMtYjAwYy00ZTU1LTk2OTctNzg2ZGJjMzdmNmU2' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m3hZCrziZPMWYJfLm6XjEwKLqEm1D%2BwXE5pQG0OqvmjFOwvy48JCHGtvQZYHIujhF66lqbPK4OMNNn6Z3fSJXuT4KizfHykvtJ0%2F%2FU04M%2BwnUBFP7xGSyuzOYQgsUCIr6L0SWdVZ%2F7cKL4ryY4FW"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZjhiZDZlMDMtYjAwYy00ZTU1LTk2OTctNzg2ZGJjMzdmNmU2' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc49391ddbb7-FRA
server: cloudflare

GET
H2 200 macos-dfir-commands Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 255ms
255ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/macos-dfir-commands?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2824333c4a1bcf362f26a6c76ba757dbc70f1be616d03b952e4b0ced1ac03085

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZDBkZDlmYTItZWQ4Zi00MGE0LWI0YmYtNmRiMzhiOGEwN2Vi' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPFFu%2BnPDfZZmebB4Ip5anh4sr%2F4oziuw7n3KEZHntSN3AbE72nn6hrua6M%2B4MhgsW2xCVdKAg%2BLTKBm4rSkf%2BRK0Ycg5q8cCTtQT7bV95TxkiVMe5HMJ4MQzfQZIYiX9HaRSwPKxiuAIk%2B0AZrY"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZDBkZDlmYTItZWQ4Zi00MGE0LWI0YmYtNmRiMzhiOGEwN2Vi' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc495942dbb7-FRA
server: cloudflare

GET
H2 200 yara Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 59ms
59ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/yara?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8eaa08f87a9a0fd47173ca39b9067106962a4b57f674b381538a81954c6d2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZWY3YWQ0YTgtMTVhZi00NGQyLTkyNzctN2EwY2FmMzMxZDhk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 66927
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BwuIauMMkC2f%2FkY7VHUx97M75Ot1D%2BTODYj5s7GmmCY3%2FF2vMqRLRNP61Bv7pLLzbmatobg1xurLBVdGb3wahK3xVQ11sr2UOXbXjzT%2Fi3yCVexB%2FpOr%2FLI0cxpn36v3Xb%2BkDXOrxXCsVs9qLB4%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 13 Dec 2024 11:27:04 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZWY3YWQ0YTgtMTVhZi00NGQyLTkyNzctN2EwY2FmMzMxZDhk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 6b5d7e6
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc49a9a7dbb7-FRA
server: cloudflare

POST
H2 204 track_view
api.gitbook.com/v1/orgs/doZdVMIkveZvmU39asSe/sites/site_NVmMK/insights/ 0
0 255ms
253ms Fetch
text/html 172.64.146.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gitbook.com/v1/orgs/doZdVMIkveZvmU39asSe/sites/site_NVmMK/insights/track_view

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/app/(site)/(content)/%5B%5B...pathname%5D%5D/page-1e1492d7790ff44b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.167 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis

Response headers

access-control-expose-headers: location,x-gitbook-execution-id,x-gitbook-mutations,x-gitbook-subscription-channels,x-gitbook-subscription-urls
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:32 GMT
content-type: text/html
vary: Accept-Encoding
x-cloud-trace-context: 6282e335a7efba14ab9041b498065909
x-frame-options: DENY
strict-transport-security: max-age=3600
access-control-allow-credentials: true
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4d8c1139e8-FRA
access-control-allow-origin: *
x-gitbook-execution-id: 0e8f44e56af24462
x-powered-by: GitBook
server: cloudflare

OPTIONS
H2 204 track_view
api.gitbook.com/v1/orgs/doZdVMIkveZvmU39asSe/sites/site_NVmMK/insights/ 0
0 554ms
85ms Preflight 172.64.146.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gitbook.com/v1/orgs/doZdVMIkveZvmU39asSe/sites/site_NVmMK/insights/track_view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.146.167 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / GitBook

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://s0cm0nkey.gitbook.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-castle-request-token,if-unmodified-since,x-gitbook-trace-id,x-gitbook-span-id,x-gitbook-criticality
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-expose-headers: location,x-gitbook-execution-id,x-gitbook-mutations,x-gitbook-subscription-channels,x-gitbook-subscription-urls
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-ray: 8f1bfc4d2bdb39e8-FRA
date: Sat, 14 Dec 2024 06:02:31 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: GitBook

GET
H2 200 memory-forensics Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 262ms
261ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/memory-forensics?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6aeb96d10e63ad9eb17a7fb13d8209191ea6d5d93a779ad3c7250b719d3c40c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ODVmMWExYTktMjJjOC00Zjc0LTllYmEtNzhmOTEzOWIxZmJj' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSww3M%2BiBMAm26CQsemm109oNYzgAPqXCQS9S67e2KxUr3ACUhTIuKqmEXiCS7ZXnLr8UQRmtJPb4Lk2HYZaUSj7%2BRapDgV63ZClt7bPQrViD82XbhcU%2BZWOZ7f%2FH5I4RddsVsL4KwC4v5MXVTDT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ODVmMWExYTktMjJjOC00Zjc0LTllYmEtNzhmOTEzOWIxZmJj' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4a0a09dbb7-FRA
server: cloudflare

GET
H2 200 sandboxing Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 391ms
390ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/sandboxing?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9b4e42eed375d8aa08ff23372fb4b29411c85a5aea2bcf01edd23c960bf178

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-NGIzZjA5OWMtOGY3ZC00ZTQwLWE1YmMtM2QyNTlmYzE1NjQ2' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FWxRcbUMr5uJ%2BrO19uG%2F%2FEmaqMsRPqs%2FODu7kh3%2BMuCUHyfn5HplAOEKicsZMuMNewaElm7VZxznTgVFXCtmUziuilQsKhpmgHz%2F4TZvtlb6OvR%2BdiFGSlr1uP4aoHBtkU2ys6ZKdD%2FMD2I04Vk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-NGIzZjA5OWMtOGY3ZC00ZTQwLWE1YmMtM2QyNTlmYzE1NjQ2' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4a9afedbb7-FRA
server: cloudflare

GET
H2 200 malware Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 261ms
261ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/malware?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f087216fafd2db55572de7e3ff6786c2fc4ded571219c013b1ec870f6c21bf8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZjUzODIxYmEtOGY3MC00YmM4LTkxNWItNTA4MjNmNjRjYzZh' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8iIWRI3BwTrmNHFZ0jtRyPoNnRRLEU4WmTL52tlHU%2FL45iGD0RbCFdOVK8FUAl5UuesEN8wi0qPIEgTbMp7CsxLfqULsOKFFO6nu0ETIOVYiX8t0Q5%2BvXV%2BgONnIBs2fzIUYPt3RalK3XjrK0emV"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZjUzODIxYmEtOGY3MC00YmM4LTkxNWItNTA4MjNmNjRjYzZh' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4aab12dbb7-FRA
server: cloudflare

GET
H2 200 binary-analysis-reverse-engineering Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/ 5 KB
3 KB 244ms
244ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/binary-analysis-reverse-engineering?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29858739d8cf8e0e1d8c02d9571e2dacb5d7bbaa975a685998b114b17add5e22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZDcxYzZhM2MtNzMzMy00NmQ3LTk4ZGYtZDc1MTc3OTk5OGFh' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OFiOpo5HkSnhqTGjcmjhtKmKoll5zIU8TW9YLZe68o4x%2FyizHw9xq58QTw1Th4zJnWsVpVe2V%2FsHS%2F7YkZwfEOxmttg7SZaN%2BcUuxoszsORO3kFY%2FcJXyxIvodAf9OTeaRa6UZGNTmDnpwgC1Rw6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZDcxYzZhM2MtNzMzMy00NmQ3LTk4ZGYtZDc1MTc3OTk5OGFh' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4afb78dbb7-FRA
server: cloudflare

GET
H2 200 yellow-neteng-sysadmin Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 242ms
241ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/yellow-neteng-sysadmin?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

226a69120fca10de9de27995835213cdcc032511b096600cc40885630afc5319

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-MjBhZTM1ZmMtZTg2My00MjM3LThmYzYtZmY4OGY2YmMyY2Vk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7ptoL3sChlovEoYYkIYN7%2FauTAdoEQu1aCTW6VCSGIt7Zv6jMRDfJqaFioZzPr%2ByJN2f8LvbwhygMMvnERVzvt50ZTkWXaWk6CGO38VRmnquWDRr90jOfn95s8UHIQsC4ND8LZUPo7Dcsw%2BzLQI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-MjBhZTM1ZmMtZTg2My00MjM3LThmYzYtZmY4OGY2YmMyY2Vk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4b0b95dbb7-FRA
server: cloudflare

GET
H2 200 security-logging Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 246ms
245ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/security-logging?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6370c545634e776c55a07a301d543c4d2b2c443c2021f65a166a41ca942abd57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-NWM4YzM2NmYtMzdmYi00ODk1LTkyN2YtZDU5NWVkNzJkMjgx' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rFLA%2F3Q3ocrK5HyIOgdlfUf1T68LXb0QA%2Bs%2ByNQIt7a%2Fc%2B83Wx8gBaSfb%2FZQ0s8xds1u6OuzfR4F5R71eWE48HgN%2BTJsztlHlCFi1Phkz4JRs8E9U2ebKw7owyCIjGUlViNszb7CQMQ5AfqiMQ09"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-NWM4YzM2NmYtMzdmYi00ODk1LTkyN2YtZDU5NWVkNzJkMjgx' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4bbc5ddbb7-FRA
server: cloudflare

GET
H2 200 cloud Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 261ms
261ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/cloud?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d97c104edac2c08d7b4dd642dc569224782df23e8675bea41b9a63eae25765ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-M2FmMDMzZjktM2U1ZC00YTc4LTg3OWItMzNiYzU0YTIxYzM1' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQpcpLxi36FkozPmUqkiSNgOK%2FZ47ZzxknGrUrhti%2Bvupil%2F45L9Y2z94nA3ybp19gWSdLT8pnIx2u5i0nBZeLFAT7lfJgFzI9jlyuDPl6Et%2FO%2BaPo92zbH4Kl2islj62wdbZwwQ4sQgCzd7ajl5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-M2FmMDMzZjktM2U1ZC00YTc4LTg3OWItMzNiYzU0YTIxYzM1' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4c4d15dbb7-FRA
server: cloudflare

GET
H2 200 containers Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 241ms
240ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/containers?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f36940f3151747d8e7d1e1b37d1e39ba7e309e547c11f76688c2b6c7a09922e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZTVhNjMyYjAtNzg2NC00YzZiLThiYjctMjczMDE0ZmZkM2Rk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhsnXzxcG4BGjkvpmPGvcUJTsMh5PRQd23jaor%2FoYGMyY9azY%2B9HqK5sEjftGOHftOb0G7M%2F3A2En1%2FRCvyTmMx0EBwiURxD5%2Br%2BqdJgAxYC8E1lQbZUMsWB1gp5ymmNJlYR3EtDNUKLU3eI53nI"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZTVhNjMyYjAtNzg2NC00YzZiLThiYjctMjczMDE0ZmZkM2Rk' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4c9d67dbb7-FRA
server: cloudflare

GET
H2 200 code-tools Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 247ms
247ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/code-tools?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abfcba259eaa583224bfd8ba46ceb0fc0b1f571fd13abce618faf117a9d95ed8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-NmJiODFlYWMtOGQ4Yi00ZDAxLWIyYjQtZDJkOGY4MTBjM2M5' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: miss
content-encoding: gzip
cf-cache-status: DYNAMIC
cache-tag: release-10.9.1001,site:site_NVmMK
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCM%2Fi74ywv1wAsTsliYzA1c%2F9IYvMXGO8a7nwiKaIjNvytNRYrdUxOwOgi5ZBOfmI8CXaMCQMEEVWFtghmwoXgvn5nyMlSb3OW3NSZXPnp6cHyPodUEVsW2O9oUMEvgZewrz4mhT7Dq3WZ3JzaU7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-NmJiODFlYWMtOGQ4Yi00ZDAxLWIyYjQtZDJkOGY4MTBjM2M5' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 67a6fb4
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4c9d75dbb7-FRA
server: cloudflare

GET
H2 200 yellow-ai-machine-learning-and-foss Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 53ms
52ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/yellow-ai-machine-learning-and-foss?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203e059a20b35700738943cdb813886126dcfe685e20a71e63ad91a81d6662c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-YjY1MmNhM2ItM2M2Ni00N2FmLWEzMDktYmY1OGFiNGUyYjE1' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 79308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGtDsYUbKGgvoyR1Cw1UyUOi6h9WT8Z55ZV%2BGnuR59a5KhRdrlCHJc4GwRVSiZ3D%2B28ectY%2Bmh8usc1U0%2FqqzECEurvxjUYQT2gQrN52WIZvTiFPmaveSlijzCBDG1Smda3npZdpc84kT%2BlPIh8V"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 13 Dec 2024 08:00:43 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.999,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-YjY1MmNhM2ItM2M2Ni00N2FmLWEzMDktYmY1OGFiNGUyYjE1' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: 6b5d7e6
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4d1e56dbb7-FRA
server: cloudflare

GET
H2 200 grey-privacy-tor-opsec Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 54ms
54ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/grey-privacy-tor-opsec?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee2ecf7190c4788144e3157bb038ac36e99db03533b6e7e41b6a7f5b86f6699d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-NjVmMmJkNWMtMDg1NS00YzU4LWFiM2ItNzczYzgzMGQ4MTk3' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 61939
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y4cJ8clcn0p1nGvNh1g4bZ%2FHK5GslqV1kwxePGoC1MyJwNdHLfHbz1CDVTIC9B0%2F2fPZcKMZPRDarDFw0b3yYs%2FnaTN6VRL5mzneyt8WyPFXxRsCDAhbMRKhNAIUmM%2FutuV3LdbctVZBK3rYzHg2"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 13 Dec 2024 12:50:12 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-NjVmMmJkNWMtMDg1NS00YzU4LWFiM2ItNzczYzgzMGQ4MTk3' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: c73e07d
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4d4e85dbb7-FRA
server: cloudflare

GET
H2 200 training Show response
s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/ 5 KB
3 KB 52ms
51ms Fetch
text/x-component 172.64.147.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/training?_rsc=1kgcg

Requested by

Host: s0cm0nkey.gitbook.io
URL: https://s0cm0nkey.gitbook.io/_next/static/chunks/9978-293e379e3e1468f4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.147.209 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cbc4b3d81cadad68e7fcbad64d398eed79c20c7abdedb8f7df7f175c79d9809

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-ZTYxN2ZjODctMzNjNy00OWQzLWE4NTAtODMyYWUxY2RjMmJi' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

RSC: 1
Referer: https://s0cm0nkey.gitbook.io/s0cm0nkeys-security-reference-guide/dfir-digital-forensics-and-incident-response/file-analysis
Next-Url: /dfir-digital-forensics-and-incident-response/file-analysis
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Next-Router-Prefetch: 1
Next-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22(site)%22%2C%7B%22children%22%3A%5B%22(content)%22%2C%7B%22children%22%3A%5B%5B%22pathname%22%2C%22dfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22oc%22%5D%2C%7B%22children%22%3A%5B%22__PAGE__%3F%7B%5C%22pathname%5C%22%3A%5B%5C%22dfir-digital-forensics-and-incident-response%5C%22%2C%5C%22file-analysis%5C%22%5D%7D%22%2C%7B%7D%2C%22%2Fs0cm0nkeys-security-reference-guide%2Fdfir-digital-forensics-and-incident-response%2Ffile-analysis%22%2C%22refresh%22%5D%7D%5D%7D%5D%7D%2Cnull%2Cnull%2Ctrue%5D%7D%5D

Response headers

x-gitbook-cache: hit
content-encoding: gzip
cf-cache-status: HIT
age: 61939
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vZK%2FyGjOZqIsT5xNGENZq0UTWjtmkTbOE1R1MUWlSUWuOTolFgO0fUy0%2FW4d%2BdhDb8jeWlzONGt63Tenyt0Jq6jF5cZ2TQVEJK5Hk1NBJgE5fI2ECCfeMR1zYk2M5TdtDeaEB3dPhL9giH4C3%2Bg"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-matched-path: /[[...pathname]]
alt-svc: h3=":443"; ma=86400
date: Sat, 14 Dec 2024 06:02:31 GMT
x-edge-runtime: 1
content-type: text/x-component
last-modified: Fri, 13 Dec 2024 12:50:12 GMT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
cf-placement: remote-SJC
strict-transport-security: max-age=31536000
x-gitbook-cache-tag: release-10.9.1001,site:site_NVmMK
content-security-policy: default-src 'self' ; script-src 'self' 'nonce-ZTYxN2ZjODctMzNjNy00OWQzLWE4NTAtODMyYWUxY2RjMmJi' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
cache-control: public, max-age=0, s-maxage=86340, stale-if-error=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gitbook-version: c73e07d
referrer-policy: no-referrer-when-downgrade
cf-ray: 8f1bfc4d7ebadbb7-FRA
server: cloudflare

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gitbook.com/	1970-01-21 11:18:36	Name: __session Value: d08d6b9e-27e5-4e74-ad43-22fb6ea970b0R

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' ; script-src 'self' 'nonce-Mjg1NDk3ZWQtOGVkNS00MjA5LWJmNTgtNzRlNmM0Zjk2NzYy' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https://integrations.gitbook.com https://cdn.iframe.ly; style-src 'self' fonts.googleapis.com 'unsafe-inline'; img-src * 'self' blob: data: files.gitbook.com https://ka-p.fontawesome.com; connect-src * 'self' integrations.gitbook.com app.gitbook.com api.gitbook.com srv.buysellads.com https://ka-p.fontawesome.com; font-src 'self' fonts.gstatic.com ; frame-src *; object-src 'none'; base-uri 'self' ; form-action 'self' ; frame-ancestors https: ;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.gitbook.com
app.gitbook.com
ka-p.fontawesome.com
s0cm0nkey.gitbook.io
172.64.146.167
172.64.147.188
172.64.147.209
0007dacb56b8759bd82e3b92c7f6bb666a62e03a1311330d4d0b710f62456d69
08b17767f7f83b34b4ab0656fdb1515a723ee5aaff5b089b32baea803d06036b
09ecbc79dd831c288b4a8bd3559941e020d2e88c2295a47dd32972e60dbedcfb
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
0c39457c52d0c8e364b6e85f6216840479aafd3840f5e1ec9e3875c114ce095c
103ed4fecb0372b4bb2a982bc73d133d4cf95ce5a0ce1d667d9072ee9301e820
174cf4bcda0e8b87144f9b486df0a046ddd9f132169944531b547477cefe540f
18083929dee7dd5fab823383d1812465747d78deafc6b66fc757b170e8b67e8e
1c9de61a3fe6587fb097e6bc2811e49db9ed299521c77606243774f241aa4da0
1cec98a9ce1a1a92ea79971ad382222081000e7bd48343275d616dc2be5d7915
203e059a20b35700738943cdb813886126dcfe685e20a71e63ad91a81d6662c4
226a69120fca10de9de27995835213cdcc032511b096600cc40885630afc5319
27cba87be9356b2e2215f9dfa28e68be49b892595bb0730ecf0f6d62c1b6ee17
2824333c4a1bcf362f26a6c76ba757dbc70f1be616d03b952e4b0ced1ac03085
292339afa6df803ce7fc3215663b3c22e250c3ee07a8ba221a3f250d66f3c729
29858739d8cf8e0e1d8c02d9571e2dacb5d7bbaa975a685998b114b17add5e22
2d5e1e20d1e6b35ee42770e1fb48f79db1ac63833226c5903462e898f292cafd
30ba7c1be12c8004654c98136fd3b64d04881dc16205a448de905c8d232c46e2
3e6dafce9cdb0024fcb61013365544ac7e68dd9650f02a6a2c661b303cc980ba
41f90d66e405853ca80d4d66f4bd8ea768a4a85b600ca29773c1c499b1e17933
43e067d5aa641bb3f0380e6a187ecf78ab0ae51f1bf9913cf34a03c45211f7b0
4c780179fdc6281a24a03367341c70e2bd004f4f352299aea60d978ba6845253
6272afe239e7f7612b6372f536bba373f4c6094aca9f0774cc68dc57527f6be5
6352fbe7239df40a4fcf5579d0c48b4391d7ad3a6e076c8b34fad05301b1a165
6370c545634e776c55a07a301d543c4d2b2c443c2021f65a166a41ca942abd57
6440cd822c6ca76c00c3b189cf2e740a2543d89361e9f907f2e33ce92ac127bb
64bc2a00d28ef824b977ed1c523138d821eaa4576447153e02de70aacb071147
696d8bfc52a1d5e52ced70ab393aad280e1edbabf6a2aaf0f20a78fb39606450
6b9b4e42eed375d8aa08ff23372fb4b29411c85a5aea2bcf01edd23c960bf178
6e86e1238beedf433b5bbb8589f06907ef13f4344cc544b7e0dcc76735103f9e
74298a1e08f9981efd8936514550602a6fc4ab401302c8a09dee44c8ed5af1e7
78743bdfad4163c8559ee4f06d646adf79b77eadace2acdfed42c438aedeaf8f
7ab2a0562e22f0c92b3178ff3d9ca99c14646df6947a180f3e655305c7249f2c
8d4dd2307427b2c3627961d1c2c8ee40de95df9330be03b0c1bbe1d0c23079bf
97c7c5fb089f6dd442b91e0a25ab029dfd7e993f1021f3ec54e79e95a0326f26
9cbc4b3d81cadad68e7fcbad64d398eed79c20c7abdedb8f7df7f175c79d9809
9f087216fafd2db55572de7e3ff6786c2fc4ded571219c013b1ec870f6c21bf8
a2b5edbdd84e821da7830e59580a2581cfd2e2bfb01a197c3e9f919b7859fc0a
a5689941554eb06222c013249ffb511eef978820679cfd1e6759942c7aa06942
a65540109ec1e413cd9314ca8e3d8828fc8ea866765c189664e4b95f78307cc4
a6e25a83b646af5609576ed31f90470c277383fc7f0a03c892b82aa3f5f73a17
a945e22a2368d7015e482276f47f12029c102ddc721e03a3a766b6c34ed1d308
aaae1112232b969338cb2c737d737012a133adff8926bf9b007ed8dd3a026e23
ab97cf7b088afd6c94039c215384b1ce8221208b55958c1939077817e644ccef
abfcba259eaa583224bfd8ba46ceb0fc0b1f571fd13abce618faf117a9d95ed8
acea61ff9784ed58e10a162fcb727e905a1f52c657a4ff08441877ef0858c6af
b053c1a8d1743d15e13597718631b7f7d8eb96c7d283d071fbdb8b37e5e05fa7
b0e4399acd33dffdb93467ca96252e6a09fcb30cfa1cb5ec0533a6db47a3ae24
b6e57cba46ddf363a63dedf8dd0df125e2baaa48c1dae06ba4d1b69d809884b7
bbc81bb786e510aabd31b3060d5d8771f5c205135105e6c563537426b40b30b4
bf2a6a5f8c28ed6ebddf6fa704ad4f21d95c55a140c124b94dd4bf28b736a654
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
c63c446f7cec55334ce70922d7cea869633b1f7011872ef52dc506477cf5ab93
ce8eaa08f87a9a0fd47173ca39b9067106962a4b57f674b381538a81954c6d2d
d065db3bd8ef83a4536ae49b3b2a45d9cc835d3c6dca0ba10941bd4cb6d58ae1
d237488c90a460555330e71d279f9d08894c0ae303c7bea1fca2c0efe886ec10
d28f1e534a33cd1776a3d13ad2bfa066d358e741af06b37a6a4c716f5fbb29fd
d6aeb96d10e63ad9eb17a7fb13d8209191ea6d5d93a779ad3c7250b719d3c40c
d97c104edac2c08d7b4dd642dc569224782df23e8675bea41b9a63eae25765ae
dceef739a3784e7d962af1e9fa3eab86ba71473ef68044f395f456ea6b24587c
e745a051fade69ed0d6a92fe8f0437d646bafe59a91f3c6654b0c4295c1ed91f
ea9072df347a83b3ce9733788bf0af193a8d5d5437562541f2ac3664d14f3cd5
eada73c016775094674c94215fd8248667b11479eeff9c2634e9b903cfb28dc9
edfea28bd5e2960db32eea6015befb79cab4dd22d4df95474ae6e8f4430df136
ee2ecf7190c4788144e3157bb038ac36e99db03533b6e7e41b6a7f5b86f6699d
f0aef34f088789c35fa37c50b9fdb308f421d8ab4f460a4f40ab3003426a42bd
f36940f3151747d8e7d1e1b37d1e39ba7e309e547c11f76688c2b6c7a09922e3
f3ce1bf916194bae639eb25586754a8964d8f8a1c703129346a30fc10cf3727a
f912415e84ceb5a06689f96705479e1392fdcaae7507419c25b4b22a81806184
f9eff477d572bb75c3ca5e1038ae0292e0e4d6fc5f83f6e60aaf95d11dd0d733
fb1fc9baaa140f725c677e015dda453d0804fac46165d43bf40a876af79d4af9
fe489d4c9ac52d1c839a81e3d30ba5a571f3c19e6499194cb6a58ca88db74425
fea4c39ffe063522a77525b7a3b0e427a72621d63cd4acd8e35a29af3f6b1c92

s0cm0nkey.gitbook.io Open in urlscan Pro 172.64.147.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

3 IPs

1 Countries

2433 kBTransfer

4347 kBSize

1 Cookies

50 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s0cm0nkey.gitbook.io Open in urlscan Pro
172.64.147.209 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

3
IPs

1
Countries

2433 kB
Transfer

4347 kB
Size

1
Cookies

75 HTTP transactions
0 data transactions